ComboFix 12-02-11.03 - thuis 12/02/2012 15:03:10.3.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1510 [GMT 1:00]
Gestart vanuit: c:\users\thuis\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\thuis\AppData\Roaming\inst.exe
c:\users\thuis\AppData\Roaming\vso_ts_preview.xml
c:\windows\isRS-000.tmp
c:\windows\IsUn0413.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\jucheck.exe
c:\windows\UA000011.DLL
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-12 to 2012-02-12 ))))))))))))))))))))))))))))))
.
.
2012-02-12 14:15 . 2012-02-12 14:16 -------- d-----w- c:\users\thuis\AppData\Local\temp
2012-02-12 14:15 . 2012-02-12 14:15 -------- d-----w- c:\users\Zoë\AppData\Local\temp
2012-02-12 14:15 . 2012-02-12 14:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-02-12 14:15 . 2012-02-12 14:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-12 14:15 . 2012-02-12 14:15 -------- d-----w- c:\users\Zaak\AppData\Local\temp
2012-02-12 10:44 . 2012-02-12 10:44 388096 ----a-r- c:\users\thuis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-12 07:43 . 2012-02-12 07:43 -------- d-----w- c:\users\Zoë\AppData\Local\{31E28AEA-6C2F-4657-87D3-039DCE166673}
2012-02-11 17:08 . 2012-02-11 17:08 -------- d-----w- c:\users\Zoë\AppData\Local\{BCA22172-51C9-4E37-B4FD-0362B16FE21E}
2012-02-11 17:07 . 2012-02-11 17:08 -------- d-----w- c:\users\Zoë\AppData\Local\{955FAB2D-EAC7-45B0-A200-9A3626B300E0}
2012-02-11 09:19 . 2012-02-11 09:19 -------- d-----w- c:\users\thuis\AppData\Local\ElevatedDiagnostics
2012-02-10 21:48 . 2012-02-10 21:50 -------- d-----w- c:\program files\Defraggler
2012-02-10 17:55 . 2012-02-10 17:55 -------- d-----w- c:\users\Zoë\AppData\Local\{85C84D31-8188-4E6A-BA8C-57F6FCFF3329}
2012-02-10 17:54 . 2012-02-10 17:55 -------- d-----w- c:\users\Zoë\AppData\Local\{4D1C6C62-6201-45F0-A985-AE63EE62CA2F}
2012-02-10 10:31 . 2012-02-10 10:31 -------- d-----w- c:\users\thuis\AppData\Local\Christofer_Persson
2012-02-10 10:25 . 2012-02-10 10:25 -------- d-----w- c:\users\thuis\AppData\Roaming\Christofer Persson
2012-02-10 10:25 . 2012-02-10 10:25 -------- d-----w- c:\program files\Kantaris
2012-02-10 07:43 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E500BCDD-FBAE-400E-90C6-9A1D3D79B1B5}\mpengine.dll
2012-02-09 15:59 . 2012-02-09 15:59 -------- d-----w- c:\users\Zoë\AppData\Local\{00793924-EE1F-43D4-952F-713843758CE3}
2012-02-09 15:58 . 2012-02-09 15:59 -------- d-----w- c:\users\Zoë\AppData\Local\{4B31D48E-43C6-4347-BA7B-0DD96C5D90FB}
2012-02-08 11:38 . 2012-02-08 11:38 -------- d-----w- c:\users\Zoë\AppData\Local\{AFD3D286-7B9F-4AB8-A684-0550156C29FD}
2012-02-08 11:38 . 2012-02-08 11:38 -------- d-----w- c:\users\Zoë\AppData\Local\{CC140332-E049-449F-A19C-8836147CF8B8}
2012-02-07 16:24 . 2012-02-07 16:25 -------- d-----w- c:\users\Zoë\AppData\Local\{9E1B3A7E-7110-46AF-BC04-B12DEFB699EC}
2012-02-07 16:24 . 2012-02-07 16:24 -------- d-----w- c:\users\Zoë\AppData\Local\{281984E1-7A61-433B-BB73-DB1C4AD745ED}
2012-02-06 15:53 . 2012-02-06 15:53 -------- d-----w- c:\users\Zoë\AppData\Local\{49306E28-4ED5-4CBD-8DA6-61AC945809D5}
2012-02-06 15:53 . 2012-02-06 15:53 -------- d-----w- c:\users\Zoë\AppData\Local\{E863A944-FAC1-4F51-97D4-D6095FDB18CC}
2012-02-05 09:21 . 2012-02-05 09:21 -------- d-----w- c:\users\Zoë\AppData\Local\{36BAC483-876F-44C8-B87B-4FE1C94CCF02}
2012-02-05 09:20 . 2012-02-05 09:21 -------- d-----w- c:\users\Zoë\AppData\Local\{B8DB01C5-BA23-4FB6-97DA-048667AF0DB1}
2012-02-04 10:40 . 2012-02-04 10:41 -------- d-----w- c:\users\Zoë\AppData\Local\{D8FD1759-099A-49DD-A24A-814A279E09C6}
2012-02-04 10:40 . 2012-02-04 10:40 -------- d-----w- c:\users\Zoë\AppData\Local\{2E2EBB35-A29E-45E6-82C7-42FD443ED7EC}
2012-02-03 15:42 . 2012-02-03 15:42 -------- d-----w- c:\users\Zoë\AppData\Local\{E27D3E79-2AC6-40C0-AFD4-17F76AFB22DE}
2012-02-03 15:42 . 2012-02-03 15:42 -------- d-----w- c:\users\Zoë\AppData\Local\{F856FB36-A039-4419-820D-47B62261055D}
2012-02-03 09:14 . 2012-02-03 09:14 -------- d-----w- c:\users\thuis\AppData\Roaming\Hobbyist Software
2012-02-03 09:14 . 2012-02-03 09:14 -------- d-----w- c:\users\thuis\AppData\Local\Hobbyist_Software
2012-02-03 09:13 . 2012-02-12 09:47 -------- d-----w- c:\program files\Hobbyist Software
2012-02-02 18:28 . 2012-02-02 18:29 -------- d-----w- c:\users\Zoë\AppData\Local\{CBE30163-991B-4BCD-A008-9FD2972A0BAF}
2012-02-02 18:28 . 2012-02-02 18:28 -------- d-----w- c:\users\Zoë\AppData\Local\{0A8B27C0-3703-49F2-B208-214B5EE86C86}
2012-02-01 18:31 . 2012-02-01 18:31 -------- d-----w- c:\users\Public\Recorded Audio
2012-01-31 17:34 . 2012-01-31 17:34 -------- d-----w- c:\users\Zoë\AppData\Local\{6E45C06E-19A6-4E43-9188-506D523AA5A7}
2012-01-31 17:33 . 2012-01-31 17:34 -------- d-----w- c:\users\Zoë\AppData\Local\{08503C43-3111-45A8-BF7B-D74636ED3016}
2012-01-31 05:33 . 2012-01-31 05:33 -------- d-----w- c:\users\Zoë\AppData\Local\{7A696580-F61B-446D-9125-E535F00CF1E1}
2012-01-31 05:33 . 2012-01-31 05:33 -------- d-----w- c:\users\Zoë\AppData\Local\{8A10BC6E-D1A5-4817-9C8A-6D3724747F90}
2012-01-30 17:33 . 2012-01-30 17:33 -------- d-----w- c:\users\Zoë\AppData\Local\{7738DA30-D41A-4168-A548-91A0E2D04282}
2012-01-30 17:32 . 2012-01-30 17:33 -------- d-----w- c:\users\Zoë\AppData\Local\{CE8C72F3-E31A-455E-9209-2FAE67E9E59E}
2012-01-28 12:29 . 2012-01-28 12:29 -------- d-----w- c:\users\Zoë\AppData\Local\{8F3293ED-AF78-4A6B-8C9B-8298D6073D99}
2012-01-28 12:29 . 2012-01-28 12:29 -------- d-----w- c:\users\Zoë\AppData\Local\{B92E5512-CA20-401A-BEC4-FA35E18E1866}
2012-01-26 18:18 . 2012-01-26 18:18 -------- d-----w- c:\users\Zoë\AppData\Local\{E1013FCE-70BC-440A-9F1C-B6E2891E518F}
2012-01-26 18:18 . 2012-01-26 18:18 -------- d-----w- c:\users\Zoë\AppData\Local\{164C8107-9EE8-4F55-8863-25E9704C45EB}
2012-01-26 12:18 . 2012-01-26 12:18 -------- d-----w- c:\windows\system32\20-20 Technologies
2012-01-23 15:40 . 2012-01-23 15:40 -------- d-----w- c:\users\Zoë\AppData\Local\{1468CE2F-37D2-4A1C-AD2C-F31EFD5B72CA}
2012-01-23 15:40 . 2012-01-23 15:40 -------- d-----w- c:\users\Zoë\AppData\Local\{80687AEF-4914-4C04-B4EB-3C0D45B12424}
2012-01-23 15:10 . 2012-01-23 15:10 -------- d-----w- c:\program files\Conduit
2012-01-23 15:10 . 2012-01-23 15:26 -------- d-----w- c:\users\thuis\AppData\Local\Conduit
2012-01-22 20:59 . 2012-01-22 20:59 -------- d-----w- c:\users\Zoë\AppData\Local\{1DB16852-E967-4942-8BB3-D76215ADDD92}
2012-01-22 08:59 . 2012-01-22 08:59 -------- d-----w- c:\users\Zoë\AppData\Local\{18B1B12A-846D-4FDA-90FD-CEB48D328B56}
2012-01-22 08:59 . 2012-01-22 08:59 -------- d-----w- c:\users\Zoë\AppData\Local\{9A892C2E-7431-4685-858E-73B36538AA9F}
2012-01-21 20:58 . 2012-01-21 20:58 -------- d-----w- c:\users\Zoë\AppData\Local\{DB59531D-2350-4453-8250-65B3A3A09DFA}
2012-01-21 20:58 . 2012-01-21 20:58 -------- d-----w- c:\users\Zoë\AppData\Local\{60DF7CC9-FD8A-4083-9070-691693931984}
2012-01-21 04:31 . 2012-01-21 04:31 -------- d-----w- c:\users\Zoë\AppData\Local\{63C31E5D-BD80-474C-90CB-44C03F02CE71}
2012-01-21 04:30 . 2012-01-21 04:31 -------- d-----w- c:\users\Zoë\AppData\Local\{2413F0EF-AEAB-4E79-928B-5D45C40DA9DF}
2012-01-20 16:30 . 2012-01-20 16:30 -------- d-----w- c:\users\Zoë\AppData\Local\{BBDEA3C5-9417-4C98-802D-9F090762CDE9}
2012-01-20 16:30 . 2012-01-20 16:30 -------- d-----w- c:\users\Zoë\AppData\Local\{FE8264CF-C2FA-46CE-ABD1-36EEB88D5D53}
2012-01-20 10:38 . 2012-01-20 10:46 -------- d-----w- c:\users\thuis\SecurityScans
2012-01-20 10:37 . 2012-01-20 10:37 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
2012-01-20 04:28 . 2012-01-20 04:30 -------- d-----w- c:\users\Zoë\AppData\Local\{3777FF42-C5AD-4081-A8C3-FBDAAA2538A1}
2012-01-20 04:28 . 2012-01-20 04:28 -------- d-----w- c:\users\Zoë\AppData\Local\{FD63D651-82A5-4304-BEE4-60844584F83A}
2012-01-19 16:28 . 2012-01-19 16:28 -------- d-----w- c:\users\Zoë\AppData\Local\{EE24928F-B9F1-4B48-B4F5-6B1794AFA453}
2012-01-19 16:27 . 2012-01-19 16:28 -------- d-----w- c:\users\Zoë\AppData\Local\{3AF19775-1F20-422F-AEEC-1211CFFDBC0B}
2012-01-17 15:24 . 2012-01-17 15:24 -------- d-----w- c:\users\Zoë\AppData\Local\{3C855217-CE5A-48DE-8DB9-0A4F550D6B06}
2012-01-17 15:23 . 2012-01-17 15:23 -------- d-----w- c:\users\Zoë\AppData\Local\{5029BE7E-9D32-4BDF-A348-4F2B2DA6968E}
2012-01-16 18:51 . 2012-01-16 18:51 -------- d-----w- c:\users\Zoë\AppData\Local\{E4B6095A-04D1-452A-80B1-45C3AF4606BA}
2012-01-16 18:50 . 2012-01-16 18:51 -------- d-----w- c:\users\Zoë\AppData\Local\{7D33FFD4-4AE3-4499-B65B-4F160A6D07C6}
2012-01-15 08:04 . 2012-01-15 08:04 -------- d-----w- c:\users\Zoë\AppData\Local\{307689CD-C32C-445D-A14C-4F6B67F6DBAF}
2012-01-15 08:02 . 2012-01-15 08:02 -------- d-----w- c:\users\Zoë\AppData\Local\{9B2B959D-9E27-4BE2-AC28-BB8E0DA35377}
2012-01-15 07:59 . 2012-01-15 07:59 -------- d-----w- c:\users\Zoë\AppData\Local\{D8A45E65-CA17-489F-AADE-3ECF9E3218A3}
2012-01-14 03:59 . 2012-01-14 03:59 -------- d-----w- c:\users\Zoë\AppData\Local\{2FD16247-1A3A-414C-9138-AADB996D733F}
2012-01-14 03:59 . 2012-01-14 03:59 -------- d-----w- c:\users\Zoë\AppData\Local\{82A3733A-90F2-4538-9D84-0167E07BD34F}
2012-01-14 03:58 . 2012-01-14 03:58 -------- d-----w- c:\users\Zoë\AppData\Local\{E285CA62-C76C-44D8-A2C5-9DBB1F9CAA53}
2012-01-14 03:58 . 2012-01-14 03:58 -------- d-----w- c:\users\Zoë\AppData\Local\{881689EA-25D2-490D-A7CA-0B3C9B24795E}
2012-01-14 03:58 . 2012-01-14 03:58 -------- d-----w- c:\users\Zoë\AppData\Local\{C999FB27-D6EB-41F1-8368-86DF12EC96E6}
2012-01-14 03:58 . 2012-01-14 03:58 -------- d-----w- c:\users\Zoë\AppData\Local\{6BB33EBA-B178-4EBE-8FD3-BC34AE1EFB60}
2012-01-14 03:57 . 2012-01-14 03:57 -------- d-----w- c:\users\Zoë\AppData\Local\{11B7F6DB-F9A7-4B5D-A168-9FA05672CEA8}
2012-01-14 03:57 . 2012-01-14 03:57 -------- d-----w- c:\users\Zoë\AppData\Local\{BA67719F-B0F8-44ED-BD25-0931F12F0D90}
2012-01-14 03:57 . 2012-01-14 03:57 -------- d-----w- c:\users\Zoë\AppData\Local\{CE27C1B3-18C1-4EA4-BE08-D1E5F6F11AE8}
2012-01-14 03:57 . 2012-01-14 03:57 -------- d-----w- c:\users\Zoë\AppData\Local\{96760787-D6B8-4EFE-BD98-C7BCFB41F63C}
2012-01-14 03:56 . 2012-01-14 03:56 -------- d-----w- c:\users\Zoë\AppData\Local\{F17E2788-1EA0-4AB4-B177-02623839DBB2}
2012-01-13 15:56 . 2012-01-13 15:56 -------- d-----w- c:\users\Zoë\AppData\Local\{273BC804-67B4-4710-97E2-D9397B9E8A64}
2012-01-13 15:55 . 2012-01-13 15:56 -------- d-----w- c:\users\Zoë\AppData\Local\{6C683AEA-422B-4595-BB04-F3674C3E0EF9}
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-01 18:53 . 2011-06-13 05:12 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-26 23:21 . 2009-10-03 07:12 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 08:54 . 2012-01-12 08:54 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-01-12 08:47 . 2012-01-12 08:47 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-12-14 09:04 . 2011-12-14 09:04 658704 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-10 14:24 . 2011-10-19 09:38 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 15:59 . 2012-01-12 12:52 376320 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:37 . 2011-12-14 07:43 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 17:09 . 2011-11-20 17:09 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-11-18 20:23 . 2012-01-12 12:52 1205064 ----a-w- c:\windows\system32\ntdll.dll
2011-11-18 17:47 . 2012-01-12 12:52 66560 ----a-w- c:\windows\system32\packager.dll
2011-11-17 06:48 . 2012-01-12 13:21 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-11-16 16:23 . 2012-01-12 13:21 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 16:23 . 2012-01-12 13:21 72704 ----a-w- c:\windows\system32\secur32.dll
2011-11-16 16:23 . 2012-01-12 13:21 278528 ----a-w- c:\windows\system32\schannel.dll
2011-11-16 16:21 . 2012-01-12 13:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2011-11-16 14:12 . 2012-01-12 13:21 9728 ----a-w- c:\windows\system32\lsass.exe
2011-12-17 05:09 . 2011-05-10 15:58 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\Zaak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 13:53 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPService REG_MULTI_SZ HPSLPSVC
Akamai REG_MULTI_SZ Akamai
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 10:41]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 10:41]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503386550-1563833762-866553309-1000Core.job
- c:\users\thuis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 12:43]
.
2012-02-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503386550-1563833762-866553309-1000UA.job
- c:\users\thuis\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 12:43]
.
2012-02-12 c:\windows\Tasks\HPCeeScheduleForthuis.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-01-23 15:34]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = local
IE: &Download by Orbit - c:\programdata\Kaspersky Lab\SandboxShared\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programdata\Kaspersky Lab\SandboxShared\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Video Converter... - c:\program files\Media Player Utilities 5.22\AVIConverter\grab.html
IE: Do&wnload selected by Orbit - c:\programdata\Kaspersky Lab\SandboxShared\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programdata\Kaspersky Lab\SandboxShared\Orbitdownloader\orbitmxt.dll/202
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
FF - ProfilePath - c:\users\thuis\AppData\Roaming\Mozilla\Firefox\Profiles\tlosi15l.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
WebBrowser-{48FB8510-61E8-4DFF-88FD-5FB277118ED9} - (no file)
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
AddRemove-Ulead Photo Express 3.0 - c:\windows\IsUn0413.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-12 15:16
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_7de0ed9.dll"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
Voltooingstijd: 2012-02-12 15:19:47
ComboFix-quarantined-files.txt 2012-02-12 14:19
.
Pre-Run: 375.357.652.992 bytes beschikbaar
Post-Run: 374.495.842.304 bytes beschikbaar
.
- - End Of File - - D2691CB36AFFC81CF64FFFB52277BE16